Big items to consider: Security researchers have found that nearly all versions of the Magento e-commerce platform allows hackers to embed malicious JavaScript code insider customer registration forms on millions of e-commerce sites. A symantec partner has allegedly been caught running a tech support scam by leveraging bogus threats to sell overpriced security software. Sixteen lawmakers are trying to end congress’ gridlock by offering new bills that would help ensure student and employee privacy. Blockchain has emerged as a more secure, transparent, faster and less expensive financial alternative and continues to push for adoption throughout various industry.

Millions of online merchants are at risk of hijacking attacks made possible by a just-patched vulnerability in the Magento e-commerce platform. The stored cross-site scripting (XSS) bug is present in virtually all versions of Magento Community Edition and Enterprise Edition prior to 1.9.2.3 and 1.14.2.3, respectively, according to researchers from Sucuri, the website security firm that discovered and privately reported the vulnerability. It allows attackers to embed malicious JavaScript code inside customer registration forms. Magento executes the scripts in the context of the administrator account, making it possible to completely take over the server running the e-commerce platform.

According to San Jose, Calif.-based Malwarebytes, Silurian Tech Support ran a scam in which its employees, who billed themselves as support technicians, used obscure but harmless entries in Windows’ Event Viewer and Task Manager to claim that a PC had been overwhelmed by malware, then leveraged those bogus threats to sell overpriced copies of Symantec’s Norton security software and an annual contract for follow-up phone support.

On Wednesday 16 states’ lawmakers, with the advice and coordination of the American Civil Liberties Union, introduced bills designed to shore up Americans’ privacy on a long list of issues that federal lawmakers have either ignored or allowed to become paralyzed in Congress’s endless gridlock. That collective legislative push, which the ACLU is calling Take CTRL, addresses everything from student and employee privacy to new police surveillance techniques. The bills, together, would cover more than a 100 million Americans, by the count of the ACLU’s advocacy and policy counsel Chad Marlow.

Blockchain, or distributed ledger, technology is more secure, transparent, faster and less expensive than current financial systems. And it has applications in other sectors like identity issuance, land titles, provenance and more. But for all its superiority, it finds itself in what disruptive innovation author Geoffrey Moore would call “the chasm”: Right now, tech enthusiasts and other people who have strong reason to prefer this technology over existing options have adopted it, but the companies in the space now need to attract users outside the core believers.

10Fold Content Newsletter

Popular Post

Our Client – AppDynamics

Get in Touch with 10Fold!

With offices based in San Francisco, the California Bay Area and Southern California, 10Fold Communications is conveniently located in the epicenter of technology innovation.

About

10Fold Communications is a high-tech integrated marketing and public relations agency. We leverage our specialized skills and our well-established media and analyst relations to provide you with far-reaching perspectives, insights and results. We’re dedicated to your success and we have the know-how to make it happen..